Jump to content

Sablon:Futtatási figyelmeztetés

From mediawiki.org

This page is a translated version of the page Template:Execution alert and the translation is 25% complete.

Figyelem: Az itt leírt kód vagy konfiguráció súlyos biztonsági kockázatot képvisel.

Rendszergazdák: Ezen biztonsági probléma megoldásáig nem ajánlott a használata.

Probléma: Vulnerable to code injection attacks, because it passes user input directly to executable statements, such as exec(), passthru() or include(). This may lead to arbitrary code being run on your server, among other things.
Megoldás: Strictly validate user input and/or apply escaping to all characters that have a special meaning in executable statements.

Sablondokumentáció

Description

Adds an alert box describing a code injection vulnerability in including Extension page. Also adds including page to Category:Extensions with arbitrary execution vulnerabilities

Example

{{Execution alert|~~~~}}

Retrieved from "https://www.mediawiki.org/w/index.php?title=Template:Execution_alert/hu&oldid=4446208"

Hidden category:

Pages using the JsonConfig extension